* Fix: isset check on $_SERVER['HTTPS'] to support environments where this key is missing

* Improvement: add headers_sent() check for situations where the headers already have been sent, possibly due to an error earlier in the system.

* Improvement: Update CSP reporting URI on permalink structure change

Run upgrade only once

Prepare for 6.0 release with upgrade notice, disabling auto updates for 6.0, and code preparation to prevent conflicts between major versions

* New: option to install required free plugin from pro

* Improvement: no upgrade insecure requests network wide on per site activated sites

* Improvement: removing CSP rules

* Improvement: upgrade .htaccess http headers to advanced-headers.php

* Improvement: use manage_security capability

* Improvement: extend system status with versions of both free and premium

* Improvement: catch situation where pro is deactivated while free not active

* Fix: advanced-headers.php did not generated CSP correctly

* Fix: Browsers support for new report-to reporting attribute not good enought to use it yet.

Dropped PHP header option in favor of advanced-headers.php

* Improvement: New default Referrer Policy => strict-origin-when-cross-origin

* Improvement: New default for X-XSS header

* Improvement: Dropped Expect-CT header as it's now deprecated, integrated by default in certificates

* Improvement: Updated Permissions Policy with improved defaults, updated to new values as currently supported in browsers

* Improvement: dropped access-control-allow-origin header, as it can only be used dynamically, which is not feasible in most WP environments

* Improvement: new languages

* Improvement: several small bug fixes and typo's

Fix: roll back new license check 

* Improvement: language files

* Changed: license